It is believed that everyone is familiar with DDoS attacks and CC attacks. At least, website owners are pale at the news, because once they are attacked by these two types of attacks, they will cause great trouble to their own websites, cause the websites to be unable to open or severely stuck, seriously affect the user experience, lead to the loss of users, and cause huge losses to website owners. However, few people really understand these two attacks against the server, so today Micronet will take you to understand the difference between DDoS attacks and CC attacks, to help more users who do not understand learn how to distinguish and minimize the loss of their websites.
First of all, Micronet will show you what is a DDoS attack?
DDoS full name: DDoS: Distributed Denial of Service. Among the three elements of "confidentiality", "integrity" and "availability", "availability" is the target of denial of service attacks. This attack mode, which makes use of network service function defects or directly consumes system resources, makes the target system unable to provide normal services.
The problem of denial of service attack has not been reasonably solved, and now it is still a worldwide problem. The reason is that the network protocol itself has security flaws, so denial of service attack has become the ultimate means of attackers (I will not repeat here, please refer to Baidu for details). The attacker executes a denial of service attack, which causes the server to have two effects:
First, force the server buffer to be full and not accept new requests;
Secondly, use IP spoofing to force the server to reset the connection of legitimate users, affecting the connection of legitimate users.
What is the principle of CC attack? We often hear that receiving D orders and CC orders is also a denial of service attack? What is the difference between the two operating systems? Many people cannot distinguish between DDoS attacks and CC attacks.
The full name of CC attack is Challenge Collapsar, which means "challenging black holes" in Chinese. Because the security devices that used to resist DDoS attacks were called black holes, as the name implies, "black holes". There is no way to deal with such attacks. The new generation of DDoS devices have been renamed ADS (Anti DDoS System), which can basically resist CC attacks.
Its principle is to simulate multi-user access to dynamic pages of target websites through proxy servers or a large number of broilers, generate a large number of background database query operations, consume CPU resources of target websites, and cause denial of service. Unlike DDoS, which can use hardware firewalls to filter attacks, CC attack requests are normal. As we all know, website pages are divided into static pages and dynamic pages. Dynamic pages need to interact with the background database. For example, some forum users need to query your level and permission in the database when logging in, and you need to query your permission and synchronize data when leaving messages. This will consume a lot of CPU resources, leading to static pages can be opened, However, dynamic web pages that need to interact with the database are slow to open or cannot be opened. Compared with the first two implementations, this attack mode is more complex, but it is simpler to defend. Enterprises providing services can resist ordinary CC attacks by using as few dynamic web pages as possible and allowing some operations to provide verification codes.
From here, we can see the difference between DDoS and CC. The target of DDoS attack is the server of the website, while the target of CC attack is the webpage attack of the website. In terms of "Web network layer denial of service attack" (DDoS), "Web application layer denial of service attack" (CC), the network layer is to attack the server of the target website by using the traffic of the broiler to attack the source content, If the server is paralyzed, the website running on the server cannot be accessed normally. Moreover, the application layer is what our users see. Just like web pages, CC attacks are aimed at web pages. CC attacks are normal requests in themselves, and the normal requests of website dynamic pages will also interact with the database. When this "normal request" reaches a certain level, the server will be unable to respond, thus crashing.
Every Double 11, everyone is busy preparing to rush to buy goods. The computer rooms of major e-commerce platforms are often brightly lit, and they nervously observe everything. All kinds of flow cleaning equipment, software and hardware are used. Just because they are afraid that the server will collapse, there will be more than one loss. The investment of e-commerce platforms in this area is also relatively large. Therefore, it is not unreasonable for some website makers to jokingly call the Double 11 as the largest DDoS attack in China, which also explains the principle of DDoS for us from another aspect, so that we can better understand the principle.
The above points are the differences between DDoS attacks and CC attacks analyzed by Micronet I believe you have also paid enough attention to server security , if you still don't know anything, please contact us. If you have more questions about virtual hosting, please consult Micronet. Micronet is an IDC service provider focusing on server rental and hosting. With more than 10 years of industry experience, it is safe, stable, reliable and reassuring. It is a leading enterprise in the domestic IDC industry. It helps thousands of enterprises to achieve network informatization, 7 * 24 hours of manual service, after-sales care free, and has a good reputation.
